[peruser] Mod_python problem
Lord Le
lordle07 at gmail.com
Thu Oct 11 17:04:47 MDT 2007
Hi,
Paul,
> Also, consider the wisdom of using chroot() at all.
>
> http://kerneltrap.org/Linux/Abusing_chroot
Of course, I know about disadvantages of using chroot(). But we're trying to
patch them as far as possible using kernel grsecurity for example. And I
know that there shouldn't be 100% trust for using chroot(). But on the other
hand, if we're using peruser to change UID/GID, we could also use chroot to
have yet another security level. And chrooting is giving some more
possibilities - individual envorinments for each user for example.
--
Best regards,
Pawel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.telana.com/pipermail/peruser/attachments/20071012/7c610d1e/attachment.html
More information about the Peruser
mailing list